Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/0afa88-b526-4763-9528-8b60e4b94bcf/1/6ABvmaPS9uHbwdQRA4IFx2SPXtY.roa
File:                     6ABvmaPS9uHbwdQRA4IFx2SPXtY.roa (raw, json)
Hash identifier:          Cq0c9JLG98S9bsYDXiNIDgfr8G4Ww/GRcY8ZX3MgKwg=
Subject key identifier:   E8:00:6F:99:A3:D2:F6:E1:DB:C1:D4:11:03:82:05:C7:64:8F:5E:D6
Certificate issuer:       /CN=1ddd15ef2f59abb95f2d9be5cee3303888623b97
Certificate serial:       0A5347F4
Authority key identifier: 1D:DD:15:EF:2F:59:AB:B9:5F:2D:9B:E5:CE:E3:30:38:88:62:3B:97
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Hd0V7y9Zq7lfLZvlzuMwOIhiO5c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/0afa88-b526-4763-9528-8b60e4b94bcf/1/6ABvmaPS9uHbwdQRA4IFx2SPXtY.roa
Signing time:             Sat 01 Jan 2022 12:02:23 +0000
ROA not before:           Sat 01 Jan 2022 12:02:23 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50876
IP address blocks:        193.202.123.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 173230068 (0xa5347f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1ddd15ef2f59abb95f2d9be5cee3303888623b97
        Validity
            Not Before: Jan  1 12:02:23 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=e8006f99a3d2f6e1dbc1d411038205c7648f5ed6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:47:cf:0b:8e:23:37:b4:66:8b:36:a1:df:a8:
                    62:f1:64:3f:73:de:9a:1f:fe:4a:1d:cb:72:32:d7:
                    49:8d:20:9c:91:65:e9:80:ee:c4:97:16:d1:e6:41:
                    59:a3:70:0c:b2:e8:4d:b8:66:c0:50:1d:e3:c4:73:
                    3b:a6:3f:18:58:3b:f6:af:1b:61:48:40:a1:54:6d:
                    a0:81:cb:c1:27:89:81:97:e0:61:33:8a:ed:27:71:
                    89:0d:95:b8:25:78:60:6c:56:cc:e7:46:aa:1e:cb:
                    4b:42:f6:66:2d:81:15:ea:93:e5:40:6f:68:97:ed:
                    5d:40:f5:4f:2d:ba:b1:ef:2a:6d:c0:37:e6:2e:5f:
                    50:bb:c5:c6:32:6e:4d:86:4e:68:64:f2:f8:6f:30:
                    d9:5e:6d:85:a6:16:0b:0f:87:67:3a:8a:90:63:ed:
                    b1:2b:7b:5e:90:61:26:88:98:06:65:b3:e7:3d:3c:
                    c1:bb:c2:c8:11:11:aa:4d:4f:8a:7a:57:e8:30:5c:
                    94:d3:aa:9a:41:a0:38:17:90:42:3f:9a:85:bc:d1:
                    46:30:bb:5b:a5:24:89:1c:2e:fd:3f:96:b8:ab:7d:
                    31:16:65:64:1f:de:45:f2:67:43:48:f2:4e:93:fe:
                    b5:95:1d:d5:ae:03:c0:c5:67:8c:cf:0a:24:68:92:
                    6c:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:00:6F:99:A3:D2:F6:E1:DB:C1:D4:11:03:82:05:C7:64:8F:5E:D6
            X509v3 Authority Key Identifier:
                keyid:1D:DD:15:EF:2F:59:AB:B9:5F:2D:9B:E5:CE:E3:30:38:88:62:3B:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hd0V7y9Zq7lfLZvlzuMwOIhiO5c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0afa88-b526-4763-9528-8b60e4b94bcf/1/6ABvmaPS9uHbwdQRA4IFx2SPXtY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0afa88-b526-4763-9528-8b60e4b94bcf/1/Hd0V7y9Zq7lfLZvlzuMwOIhiO5c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  193.202.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:5c:d1:ed:ed:15:0e:2a:1c:34:98:78:fd:54:14:0d:ea:54:
         bf:1e:30:a6:4e:e4:08:dc:17:0c:a7:63:5c:d6:f7:2b:91:2a:
         d7:47:99:25:61:16:57:38:be:0e:07:39:87:77:1c:76:df:79:
         da:16:c1:47:d1:4d:61:73:ea:ba:85:0f:43:ef:6d:47:70:df:
         aa:07:e1:77:7e:17:9b:25:11:94:b6:b7:df:8b:bd:b4:57:b7:
         1e:38:cc:1c:5a:d4:da:4f:4e:53:6f:51:e6:e9:6c:32:c8:69:
         72:a6:d9:41:9d:4d:0e:fb:48:b0:b5:e9:18:23:9d:49:06:93:
         06:88:72:55:16:bd:03:fc:b8:5c:b9:19:8f:3a:a5:fb:d7:b7:
         2a:8c:23:bc:8a:8e:79:e3:f2:76:e2:66:75:a1:8b:21:e4:84:
         59:9b:e0:da:45:64:33:a6:25:75:46:ec:3f:fe:db:2a:b2:92:
         c8:69:f7:e4:c2:20:d5:12:1c:41:56:8f:c0:fc:bc:f2:1d:9b:
         4c:da:c9:ae:37:d9:83:ed:ef:81:f2:21:de:94:42:ae:0d:a8:
         a4:64:dd:14:70:77:50:8d:47:5a:88:3d:7f:ee:a8:80:88:a0:
         e7:fd:eb:99:43:9f:e4:43:f3:2e:f1:28:74:10:06:d8:80:97:
         35:5f:c0:e6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEClNH9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGRkMTVlZjJmNTlhYmI5NWYyZDliZTVjZWUzMzAzODg4NjIzYjk3MB4XDTIyMDEw
MTEyMDIyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTgwMDZmOTlhM2Qy
ZjZlMWRiYzFkNDExMDM4MjA1Yzc2NDhmNWVkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANlHzwuOIze0Zos2od+oYvFkP3Pemh/+Sh3LcjLXSY0gnJFl
6YDuxJcW0eZBWaNwDLLoTbhmwFAd48RzO6Y/GFg79q8bYUhAoVRtoIHLwSeJgZfg
YTOK7SdxiQ2VuCV4YGxWzOdGqh7LS0L2Zi2BFeqT5UBvaJftXUD1Ty26se8qbcA3
5i5fULvFxjJuTYZOaGTy+G8w2V5thaYWCw+HZzqKkGPtsSt7XpBhJoiYBmWz5z08
wbvCyBERqk1PinpX6DBclNOqmkGgOBeQQj+ahbzRRjC7W6UkiRwu/T+WuKt9MRZl
ZB/eRfJnQ0jyTpP+tZUd1a4DwMVnjM8KJGiSbIMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBToAG+Zo9L24dvB1BEDggXHZI9e1jAfBgNVHSMEGDAWgBQd3RXvL1mruV8t
m+XO4zA4iGI7lzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hkMFY3eTlacTdsZkxadmx6dU13T0loaU81Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvMGFmYTg4LWI1MjYtNDc2My05NTI4LThiNjBlNGI5NGJjZi8x
LzZBQnZtYVBTOXVIYndkUVJBNElGeDJTUFh0WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
MGFmYTg4LWI1MjYtNDc2My05NTI4LThiNjBlNGI5NGJjZi8xL0hkMFY3eTlacTds
Zkxadmx6dU13T0loaU81Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHKezANBgkqhkiG9w0BAQsFAAOC
AQEAJFzR7e0VDiocNJh4/VQUDepUvx4wpk7kCNwXDKdjXNb3K5Eq10eZJWEWVzi+
Dgc5h3ccdt952hbBR9FNYXPquoUPQ+9tR3Dfqgfhd34XmyURlLa334u9tFe3HjjM
HFrU2k9OU29R5ulsMshpcqbZQZ1NDvtIsLXpGCOdSQaTBohyVRa9A/y4XLkZjzql
+9e3KowjvIqOeePyduJmdaGLIeSEWZvg2kVkM6YldUbsP/7bKrKSyGn35MIg1RIc
QVaPwPy88h2bTNrJrjfZg+3vgfIh3pRCrg2opGTdFHB3UI1HWog9f+6ogIig5/3r
mUOf5EPzLvEodBAG2ICXNV/A5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:40 2024 by rpki-client on console-ams.rpki-client.org